漏洞描述
WP Statistics 是一个 WordPress 插件,允许站点所有者查看有关其站点访问者的详细统计信息,包括他们访问了站点上的哪些页面。作为管理员,访问WP Statistics“页面”菜单项会生成一个 SQL 查询,以显示有关哪些页面获得最多流量的统计信息。
WordPress插件wp-statistics时间盲注(CVE-2021-24340)
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-0188: CMP WordPress < 4.0.19 - Broken Access Control
- POC wordpress-wp-env-exposure: WordPress Configuration wp-env - Exposure
- POC wp-wpstatistics-log: WordPress Plugin WP Statistics Error Log Disclosure
- POC wp-a3-lazy-load-top-fpd: WordPress a3 Lazy Load - Full Path Disclosure
- POC wp-breadcrumb-navxt-fpd: WordPress Breadcrumb NavXT - Full Path Disclosure
- POC wp-cf7-data-source-fpd: WordPress Data Source for Contact Form 7 - Full Path Disclosure
- POC wp-header-footer-elementor-fpd: WordPress Header Footer Elementor - Full Path Disclosure
- POC wp-easy-wp-smtp-log-exposure: WordPress Easy WP SMTP - Log Exposure
- WordPress Drag and Drop Multiple File Upload for WooCommerce dnd_codedropz_upload_wc 文件上传漏洞(CVE-2025-4403)
- WordPress Broken Link Notifier /wp-admin/admin-ajax.php blnotifier_blinks 服务器端请求伪造漏洞(CVE-2025-6851)
- POC CVE-2024-29137: WordPress Tourfic Plugin <= 2.11.7 - Cross-Site Scripting
- POC wordpress-meta-box-fpd: WordPress Meta Box - Full Path Disclosure
- POC wp-add-search-to-menu-fpd: WordPress Ivory Search - Full Path Disclosure